www.dhs.gov/stopthinkconnect Incident Hotline: 1-888-282-0870 www.US-CERT.gov Report a computer or network vulnerability to the U.S. Computer Emergency Readiness Team; Employees Make your passwords complex. Use a combination of numbers, symbols, and letters (uppercase and lowercase). Change your passwords regularly (every 45 to 90 days). Do NOT give any of your usernames, passwords, or other computer/ website access codes to anyone. Do NOT open emails, links, or attachments from strangers. Do NOT install or connect any personal software or hardware to your organizations network without permission from your IT department. Make electronic and physical back-ups or copies of all your important work. Report all suspicious or unusual problems with your computer to your IT department. Leadership & IT Professionals Implement Defense-in-Depth: a layered defense strategy includes technical, organizational, and operational controls. Establish clear policies and procedures for employee use of your organizations information technologies. Implement Technical Defenses: firewalls, intrusion detection systems, and Internet content filtering. Update your systems anti-virus software daily. Regularly download vendor security "patches" for all of your software. Change the manufacturer's default passwords on all of your software. Monitor, log, analyze, and report successful and attempted intrusions to your systems and networks. Cybersecurity Guidance Protect Your Workplace